One week of Windows 10 and security notes

1. I just want to let you know that I am one week into the Windows 10 adventure and so far I think it is a great operating system. Microsoft should be very proud of this product and they have rewarded one of their product managers who oversaw a key part of Windows 10 development, making him a vice president. This is a sharp contrast from the Windows 8 release when the executive it was entrusted to was forced to resign by the end of 2012.

Windows 10 is every bit as good of an operating system as Windows 7 was. Microsoft combined the best elements of Windows 7 with the security and positive features of Windows 8. The number of upgrades since last Wednesday is 20 million and counting, perhaps more by the time you read this. I am encouraging all of my Windows clients to embrace Windows 10 one way or another. For most of you this will come by claiming the free upgrade that Microsoft provides. While I am ready to help you upgrade now, you do have a full year from July 29 to claim the free upgrade. If you have a computer that shipped with Windows 7 or higher and it runs well, then you are a good candidate for Windows 10. If your computer is more than five years old or is really sluggish, then you may want to consider a new computer running Windows 10. Either way I’m willing to help you.

For the Mac users out, there you must have some Windows users in your family, office, or circle of friends. They may be starting to talk about Windows 10. Windows 8 was quite the water cooler topic, albeit a very negative one. You can let them know that your computer guy gives it his full blessing.

2. A longtime friend’s e-mail got hacked. I received a particularly nasty message from him (but not really from him) today with sent from address indicating a Chinese email provider. However that doesn’t truly indicate where it is from. You could make your emails say whitehouse-dot-gov if you really wanted to. I then opened up the full headers of the email (something that you shouldn’t examine unless you know what you are doing) and found the sent from IP address. That indicates the server the message was sent from. That indicated to me that it was sent from China. Unfortunately, the hacker stole his address book and sent a message out with a malicious link. Naturally, I did not click the link. That link would have likely stolen information I had stored in my browser or placed an even deeper malware infection on my computer.

At times I have gotten those types of emails from some of you or you have personally been the victim of this type of attack.

This should just be a subtle reminder, please change your email password if you have not changed it in the last 3 to 6 months. That password should ideally be 12 to 15 characters long. You should be using a serious password manager like Last Pass, 1Password, or Dashlane (I am more familiar with the first two). At the very worst, you should use the built in password manager from Safari, Chrome, or Firefox. However, the browser based password managers don’t easily help you generate a randomized password like Last Pass, 1P, or Dashlane do. Randomized passwords are the key. You should never use a password on more than one website. If you just use one of the simple, browser based password managers or ….gasp….. do not use a password manager at all….. use this tool XK Password. It is a website created by Irish security expert Bart Busschots, a man that I have a lot of respect for. It will help you generate several randomized passwords that you can print out and use.

The way I see logins and passwords — the only passwords you should remember are the one to log into your computer and the master password for your password manager. Even those passwords should be hard to guess, but easy for you to remember.